vulnerability
Ubuntu: (CVE-2020-8518): php-horde-data vulnerability
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:L/Au:N/C:P/I:P/A:P) | Feb 17, 2020 | Jun 26, 2025 | Aug 18, 2025 |
Severity
8
CVSS
(AV:N/AC:L/Au:N/C:P/I:P/A:P)
Published
Feb 17, 2020
Added
Jun 26, 2025
Modified
Aug 18, 2025
Description
Horde Groupware Webmail Edition 5.2.22 allows injection of arbitrary PHP code via CSV data, leading to remote code execution.
Solution
no-fix-ubuntu-package
References
- CVE-2020-8518
- https://attackerkb.com/topics/CVE-2020-8518
- CWE-94
- URL-https://lists.fedoraproject.org/archives/list/[email protected]/message/2PRPIFQDGYPQ3F2TF2ETPIL7IYNSVVZQ/
- URL-https://lists.fedoraproject.org/archives/list/[email protected]/message/DKTNYDBDVJNMVC7QPXQI7CMPLX3USZ2T/
- URL-https://lists.horde.org/archives/announce/2020/001285.html
- URL-https://www.cve.org/CVERecord?id=CVE-2020-8518
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.